redline | 965e81ee79750b92e427d5b1b03169a4f6e62842b869142777e838804827b651 | Triage

Submit
Reports

Overview

overview

Static

static

3

3005ae9726...18.exe

windows7-x64

3005ae9726...18.exe

windows10-2004-x64

Sharing

General

Target

3005ae9726d7171430eb98138aacb0c9_JaffaCakes118
Size

278KB
Sample

240330-bj9beaed64
MD5

3005ae9726d7171430eb98138aacb0c9
SHA1

442e27573868786276262bf9f76ee778b0f45fe4
SHA256

965e81ee79750b92e427d5b1b03169a4f6e62842b869142777e838804827b651
SHA512

cdc4e8ea6ff8fe9cea4a05608b95c619288994ea597987826df0491a6afd22382890dd4baedcb55691c7bf667e49039014c442cac969d0ee8880c65dc7ae48fd
SSDEEP

6144:AtKbreYWP1wkNIA84X3hBt7ejZlfbVu0Vx98aCaodlHR7vE:CKbrjWNYLGxrKZlzlH8njHR7

Score

10^/10

redline sectoprat sewpalp infostealer rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3005ae9726d7171430eb98138aacb0c9_JaffaCakes118.exe

Resource

win7-20240221-en

redline sectoprat sewpalp infostealer rat trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

3005ae9726d7171430eb98138aacb0c9_JaffaCakes118.exe

Resource

win10v2004-20240226-en

redline sectoprat sewpalp infostealer rat trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

sewPalp

C2

185.215.113.29:24645

Attributes

auth_value
41d3df6d093b1e36993abf16af0d6f2d

Targets

- Target
  
  3005ae9726d7171430eb98138aacb0c9_JaffaCakes118
- Size
  
  278KB
- MD5
  
  3005ae9726d7171430eb98138aacb0c9
- SHA1
  
  442e27573868786276262bf9f76ee778b0f45fe4
- SHA256
  
  965e81ee79750b92e427d5b1b03169a4f6e62842b869142777e838804827b651
- SHA512
  
  cdc4e8ea6ff8fe9cea4a05608b95c619288994ea597987826df0491a6afd22382890dd4baedcb55691c7bf667e49039014c442cac969d0ee8880c65dc7ae48fd
- SSDEEP
  
  6144:AtKbreYWP1wkNIA84X3hBt7ejZlfbVu0Vx98aCaodlHR7vE:CKbrjWNYLGxrKZlzlH8njHR7
Score

10^/10

redline sectoprat sewpalp infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinesectopratsewpalpinfostealerrattrojan

behavioral2

redlinesectopratsewpalpinfostealerrattrojan

© 2018-2024

Terms | Privacy